[Gluster-users] Replica 3 volume with forced quorum 1 fault tolerance and recovery
Diego Zuccato
diego.zuccato at unibo.it
Tue Dec 1 14:30:55 UTC 2020
Il 01/12/20 15:23, Dmitry Antipov ha scritto:
> At least I can imagine the volume option to specify "let's assume that
> the only live brick contains the
> most recent (and so hopefully valid) data, so newly (re)started ones are
> pleased to heal from it" behavior.
Too dangerous and prone to byzantine desync.
Say only node 1 survives, and a file gets written to it.
Then, while node 2 returns to activity, node 1 dies before being able to
tell node2 what changed.
Another client writes to the "same" file a different content.
Now node 1 returns active and you have split-brain: no version of the
file is "better" than the other. A returning node 3 can't know (in an
automated way) which copy of the file should be replicated.
That's why you should always have a quorum of N/2+1 when data integrity
is important.
--
Diego Zuccato
DIFA - Dip. di Fisica e Astronomia
Servizi Informatici
Alma Mater Studiorum - Università di Bologna
V.le Berti-Pichat 6/2 - 40127 Bologna - Italy
tel.: +39 051 20 95786
More information about the Gluster-users
mailing list